mirror of
https://github.com/servo/servo.git
synced 2025-08-03 12:40:06 +01:00
Add simple implementation of content-security-policy on scripts / styles
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo/servo#4577
This commit is contained in:
parent
6d488f1be2
commit
b8f3e8bb2e
16 changed files with 175 additions and 41 deletions
|
@ -4,6 +4,7 @@
|
|||
|
||||
use crate::ReferrerPolicy;
|
||||
use crate::ResourceTimingType;
|
||||
use content_security_policy::{self as csp, CspList};
|
||||
use http::HeaderMap;
|
||||
use hyper::Method;
|
||||
use msg::constellation_msg::PipelineId;
|
||||
|
@ -20,37 +21,7 @@ pub enum Initiator {
|
|||
}
|
||||
|
||||
/// A request [destination](https://fetch.spec.whatwg.org/#concept-request-destination)
|
||||
#[derive(Clone, Copy, Debug, Deserialize, MallocSizeOf, PartialEq, Serialize)]
|
||||
pub enum Destination {
|
||||
None,
|
||||
Audio,
|
||||
Document,
|
||||
Embed,
|
||||
Font,
|
||||
Image,
|
||||
Manifest,
|
||||
Object,
|
||||
Report,
|
||||
Script,
|
||||
ServiceWorker,
|
||||
SharedWorker,
|
||||
Style,
|
||||
Track,
|
||||
Video,
|
||||
Worker,
|
||||
Xslt,
|
||||
}
|
||||
|
||||
impl Destination {
|
||||
/// https://fetch.spec.whatwg.org/#request-destination-script-like
|
||||
#[inline]
|
||||
pub fn is_script_like(&self) -> bool {
|
||||
*self == Destination::Script ||
|
||||
*self == Destination::ServiceWorker ||
|
||||
*self == Destination::SharedWorker ||
|
||||
*self == Destination::Worker
|
||||
}
|
||||
}
|
||||
pub use csp::Destination;
|
||||
|
||||
/// A request [origin](https://fetch.spec.whatwg.org/#concept-request-origin)
|
||||
#[derive(Clone, Debug, Deserialize, MallocSizeOf, PartialEq, Serialize)]
|
||||
|
@ -175,6 +146,11 @@ pub struct RequestBuilder {
|
|||
pub pipeline_id: Option<PipelineId>,
|
||||
pub redirect_mode: RedirectMode,
|
||||
pub integrity_metadata: String,
|
||||
// This is nominally a part of the client's global object.
|
||||
// It is copied here to avoid having to reach across the thread
|
||||
// boundary every time a redirect occurs.
|
||||
#[ignore_malloc_size_of = "Defined in rust-content-security-policy"]
|
||||
pub csp_list: Option<CspList>,
|
||||
// to keep track of redirects
|
||||
pub url_list: Vec<ServoUrl>,
|
||||
pub parser_metadata: ParserMetadata,
|
||||
|
@ -206,6 +182,7 @@ impl RequestBuilder {
|
|||
url_list: vec![],
|
||||
parser_metadata: ParserMetadata::Default,
|
||||
initiator: Initiator::None,
|
||||
csp_list: None,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -329,6 +306,7 @@ impl RequestBuilder {
|
|||
request.url_list = url_list;
|
||||
request.integrity_metadata = self.integrity_metadata;
|
||||
request.parser_metadata = self.parser_metadata;
|
||||
request.csp_list = self.csp_list;
|
||||
request
|
||||
}
|
||||
}
|
||||
|
@ -396,6 +374,11 @@ pub struct Request {
|
|||
pub response_tainting: ResponseTainting,
|
||||
/// <https://fetch.spec.whatwg.org/#concept-request-parser-metadata>
|
||||
pub parser_metadata: ParserMetadata,
|
||||
// This is nominally a part of the client's global object.
|
||||
// It is copied here to avoid having to reach across the thread
|
||||
// boundary every time a redirect occurs.
|
||||
#[ignore_malloc_size_of = "Defined in rust-content-security-policy"]
|
||||
pub csp_list: Option<CspList>,
|
||||
}
|
||||
|
||||
impl Request {
|
||||
|
@ -428,6 +411,7 @@ impl Request {
|
|||
parser_metadata: ParserMetadata::Default,
|
||||
redirect_count: 0,
|
||||
response_tainting: ResponseTainting::Basic,
|
||||
csp_list: None,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue